[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Dfey-masters] Bitfolk supporting DFEY
From: |
Tim Dobson |
Subject: |
[Dfey-masters] Bitfolk supporting DFEY |
Date: |
Sun, 15 Nov 2009 23:12:02 +0000 |
User-agent: |
Thunderbird 2.0.0.23 (X11/20090817) |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi there everyone.
I do apologise for being so quiet for so long. I've had my hands full
with Barcamp Manchester last weekend.
I'm still catching up with my todo list.
At Oggcamp I gave a talk about engaging young people in technology,
pretty much identical to the one I gave at WYLUG a few weeks ago[2].
Afterwards I was approached by Andy Smith from Bitfolk[3]. Some people
here may be aware of the community VPS, dogfish.dfey.org which currently
hosts our website and a number of other services.
Andy offered to allow DFEY to use the Dogfish VPS (maintaining the same
spec) for free with a number of preconditions, none of which I see being
a major issue:
* It is not used for commercial purposes
* We take steps to ensure abuse doesn't originate from dogfish
* We take steps to ensure that dogfish isn't compromised
* We notify Bitfolk immediately if dogfish is compromised
* If the machine causes him a lot of work (eg. is compromised more than
once) then we will have to understand it is not viable for bitfolk to
continue supporting us.
In return for the VPS, we will list them on our website as providing the
VPS.
If we ever need more hosting for special events etc we should negotiate
with them.
Keeping the machine secure should not mean that people are tied down and
unable to play around on it however it does mean we need to take a
pro-active response to the security and administration of the machine.
We already require ssh public key authentication to access dogfish. This
is good. We need to continue to only allow access with keys.
We already have a proactive outlook on security updates with the
sysadmin team being emailed when new updates are available and with them
typically being installed promptly.
We need to establish a policy towards accounts on the machine - give
them out to people who we trust and have known for some time. Accounts
need to be deactivated after a period once people lose touch and stop
using them. I'm not sure exactly how people feel this should work put
thoughts are more than welcome.
We need to keep reliable written records of who has access to what and
how to contact them.
We need to regularly audit web applications installed on the machine for
potential security issues and make sure everything is patched appropriately.
Bitfolk have been very supportive of what we are setting out to do and
I'm very pleased to announce this partnership.
Feedback, thoughts and questions, as always, is welcome. :)
Cheers
Tim
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAksAirwACgkQYikrIzu3ywN/6wCfWbISd69BVgicUUe3d/zqo7cK
mwMAoIRKJUoaXBOXW0XsS5fWwOlRMet6
=weQk
-----END PGP SIGNATURE-----
- [Dfey-masters] Bitfolk supporting DFEY,
Tim Dobson <=